On Thu, Apr 24, 2003 at 10:57:21AM +0200, Arjan van de Ven wrote:> where it seems to say that if you need a script to be able to usefully> install a self compiled kernel, that script is part of "the sourcecode".> Now this of course can't and doesn't mean that people would need to give> up their private keys to the public; said "script" of course can also> install a second key or disable the keychecking. > > Or maybe I'm just totally interpreting this wrong.

You just arrange for the script to detect whether a private key ispresent. If none exists, it asks the user whether they want to generatea private key, and then calls gpg with the relevant options to do so.

The private key isn't part of the script, nor is it a requirement tobe able to (successfully) run the script.

Note that the GPL does not say whether the output from the installationscript has to be usable with the target hardware.